|
Log analysis and evaluation: 302 moved the document has moved here (Windows 7). If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
25.07.2015, 17:37 | #1 |
| 302 moved the document has moved here Hello Trojaner, while surfing I just repeatedly got the message "302 moved the document has moved here" instead of normal search results for a search query in Firefox. That seems very suspicious to me. Does anyone have experience with this? What should one do? Regards, Jan |
25.07.2015, 17:47 | #2 |
/// the machine /// TB-Ausbilder | 302 moved the document has moved here Which search query exactly?
__________________ |
26.07.2015, 08:53 | #3 |
| 302 moved the document has moved here Hello Schrauber,
I believe I copied and pasted the name of an American university that offers a distance-learning program in statistics from a results list into the search field. Regards, Jan

I came from this page: hxxp://www.mastersportal.eu/universities/11880/kansas-state-university.html

I fear malware is at work here, isn't it? I am now afraid to use my passwords on the Internet. What if malware then "intercepts" them? I would be very glad of any support. Please help me. Regards, Jan

Installing FRST64 does not work. I am now downloading it for the umpteenth time. When I try to run it, I get the error message that the file cannot be accessed, even though I have administrator rights.

OK, Norton deleted the file every time. I have now restored the file in Norton. Here is the LOG: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-07-2015 durchgeführt von jan (Administrator) auf JANISMASCHINE (26-07-2015 09:48:23) Gestartet von C:\Users\jan\Downloads Geladene Profile: jan (Verfügbare Profile: jan) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\asus\AsSysCtrlService\1.00.13\AsSysCtrlService.exe (Atheros Commnucations) C:\Windows\System32\AdminService.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE (Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\asus\AI Suite II\AsRoutineController.exe (ASUSTeK Computer Inc.) C:\Program Files\ASUS\P1801 System Behavior\P1801Ctrl.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\asus\ASUS Transformer AiO\TaichiHome.exe (ASUS) C:\Program Files (x86)\asus\Splendid\ACMON.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe () C:\Program Files (x86)\asus\Splendid\ColorUService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\asus\ASUS Easy Update\ALU.exe (Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\asus\ASUS Transformer AiO\AsRunASUSTransAiO.exe (ASUSTeK Computer Inc.) 
C:\Program Files (x86)\asus\Connection Builder\conBuilder.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\asus\ASUS Key Suite\AsKeySuite.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe () C:\Windows\SysWOW64\UMonit.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Spotify Ltd) C:\Users\jan\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Spotify Ltd) C:\Users\jan\AppData\Roaming\Spotify\Spotify.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Dropbox, Inc.) C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Spotify Ltd) C:\Users\jan\AppData\Roaming\Spotify\SpotifyCrashService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (Spotify Ltd) C:\Users\jan\AppData\Roaming\Spotify\Spotify.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Spotify Ltd) C:\Users\jan\AppData\Roaming\Spotify\Spotify.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE (Microsoft Corporation) C:\Windows\splwow64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\asus\AI Suite II\AI Suite II.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe ==================== Registry (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6844560 2012-11-09] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1234064 2012-10-29] (Realtek Semiconductor) HKLM\...\Run: [UMonit] => C:\WINDOWS\SysWOW64\UMonit.exe [40960 2012-11-08] () HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation) HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-03-01] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.) 
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [208424 2013-10-08] (Haufe-Lexware GmbH & Co. KG) HKU\S-1-5-21-1644989510-745574122-4044334557-1001\...\Run: [IBP] => [X] HKU\S-1-5-21-1644989510-745574122-4044334557-1001\...\Run: [Spotify Web Helper] => C:\Users\jan\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017848 2015-07-25] (Spotify Ltd) HKU\S-1-5-21-1644989510-745574122-4044334557-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53288576 2015-06-29] (Skype Technologies S.A.) HKU\S-1-5-21-1644989510-745574122-4044334557-1001\...\Run: [Spotify] => C:\Users\jan\AppData\Roaming\Spotify\Spotify.exe [7574584 2015-07-25] (Spotify Ltd) HKU\S-1-5-21-1644989510-745574122-4044334557-1001\...\Run: [Dropbox Update] => C:\Users\jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.) HKU\S-1-5-21-1644989510-745574122-4044334557-1001\...\Run: [GoogleChromeAutoLaunch_E07C82062DB7E514142BFA66A8C1768E] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-24] (Google Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-03-19] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\Users\jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-11-04] ShortcutTarget: Dropbox.lnk -> C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud 
Corporation.) ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] 
(hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) HKU\S-1-5-21-1644989510-745574122-4044334557-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1644989510-745574122-4044334557-1001 -> {55E8287E-25D7-4FF4-B1D8-ADD9399EA3D5} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=523482&p={searchTerms} BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-06-26] (Symantec Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll Keine Datei BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files 
(x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-12] (Microsoft Corporation.) BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-06-26] (Symantec Corporation) BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-17] (Oracle Corporation) BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12] (Microsoft Corporation.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-17] (Oracle Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-06-26] (Symantec Corporation) Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-12] (Microsoft Corporation.) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-06-26] (Symantec Corporation) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12] (Microsoft Corporation.) 
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} https://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - Keine Datei Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{B28C299D-2B5E-459A-BFF2-372EBED79637}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{CF517051-3B82-4096-AE3C-3B7DA6D47701}: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\jan\AppData\Roaming\Mozilla\Firefox\Profiles\842qrqod.default-1426750885569 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll [2015-07-09] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-09] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1215155.dll [2014-12-02] (Adobe Systems, Inc.) 
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-17] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-17] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-08-29] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-08-29] (NVIDIA Corporation) FF Plugin-x32: @Sibelius.com/Scorch Plugin,version=6.2.0.88 -> C:\Program Files (x86)\Sibelius Software\Scorch\npsibelius.dll [2013-03-11] () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) 
FF Plugin-x32: @TrendMicro.com/FFExtension -> C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1644989510-745574122-4044334557-1001: @citrixonline.com/appdetectorplugin -> C:\Users\jan\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-06-13] (Citrix Online) FF Plugin HKU\S-1-5-21-1644989510-745574122-4044334557-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-07-03] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPSibelius.dll [2013-03-11] () FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\PDFNetC.dll [2010-03-31] (PDFTron Systems Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ScorchAxPlugin.dll [2010-04-08] () FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ScorchPDFWrapper.dll [2010-04-08] () FF Plugin ProgramFiles/Appdata: C:\Users\jan\AppData\Roaming\mozilla\plugins\npatgpc.dll [2014-03-08] (Cisco WebEx LLC) FF Extension: Ghostery - C:\Users\jan\AppData\Roaming\Mozilla\Firefox\Profiles\842qrqod.default-1426750885569\Extensions\firefox@ghostery.com.xpi [2015-07-12] FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn [2015-07-26] Chrome: ======= CHR Profile: C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-18] CHR Extension: (Google Drive) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-18] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-03-12] CHR Extension: (YouTube) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-18] CHR Extension: (Total Validator) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfcjipgbidiomdljbodfhameekcfcbpk [2014-10-16] CHR Extension: (Google Search) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-18] CHR Extension: (MozBar) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp [2014-06-20] CHR Extension: (Translate Selected Text) - 
C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbimffnjoeobhjhochngikepgfejjmgj [2015-05-17]
CHR Extension: (Accessibility Developer Tools) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpkknkljclfencbdbgkenhalefipecmb [2014-11-19]
CHR Extension: (Ripple Emulator (Beta)) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\geelfhphabnejjhdalkjhgipohgpdnoc [2015-05-13]
CHR Extension: (Pin It Button) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-07-18]
CHR Extension: (Open SEO Stats(Formerly: PageRank Status)) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdkkfheckcdppiaiabobmennhijkknn [2014-01-05]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2014-04-12]
CHR Extension: (Norton Identity Safe) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-29]
CHR Extension: (Norton Security Toolbar) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-04-22]
CHR Extension: (Ghostery) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-04-24]
CHR Extension: (Delicious Bookmarks Extension) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnaelnkmidnndgikjbiifihgklnocljd [2014-01-08]
CHR Extension: (PageRank) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbmblkkmdeobfklgefdnoakgkmcekhcg [2014-01-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-18]
CHR Extension: (SEO Global For Google Search™) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojgmigafbpedhdilmemphfklkbghlphi [2014-03-15]
CHR Extension: (Gmail) - C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-18]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-18]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-18]

==================== Services (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AtherosSvc; C:\Windows\system32\AdminService.exe [208384 2012-08-29] (Atheros Commnucations)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-04-10] ()
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [656976 2013-05-21] ()
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-07] (Symantec Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)

==================== Drivers (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20150706.001\BHDrvx64.sys [1648880 2015-06-17] (Symantec Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1507000.00B\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [489776 2015-05-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [145200 2015-05-27] (Symantec Corporation)
R3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [60928 2012-07-06] (GenesysLogic)
S3 hwusb_cdcacm; C:\Windows\system32\DRIVERS\ew_cdcacm.sys [121728 2013-08-22] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\Windows\system32\DRIVERS\ew_wwanecm.sys [375040 2013-08-22] (Huawei Technologies Co., Ltd.)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20150724.001\IDSvia64.sys [692984 2015-06-20] (Symantec Corporation)
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20150725.003\ENG64.SYS [138488 2015-07-23] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20150725.003\EX64.SYS [2146040 2015-07-23] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R3 stdpms; C:\Windows\System32\drivers\stdpms.sys [28904 2013-10-22] (Splashtop Inc.)
R3 sthid; C:\Windows\System32\drivers\sthid.sys [21216 2013-10-22] (Splashtop Inc.)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1507000.00B\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-18] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-07-26 09:48 - 2015-07-26 09:48 - 00035292 _____ C:\Users\jan\Downloads\FRST.txt
2015-07-26 09:47 - 2015-07-26 09:48 - 00000000 ____D C:\FRST
2015-07-26 09:44 - 2015-07-26 09:44 - 02146816 _____ (Farbar) C:\Users\jan\Downloads\frst64.exe
2015-07-26 08:46 - 2015-07-26 08:47 - 00000468 _____ C:\Users\jan\Downloads\defogger_disable.log
2015-07-26 08:46 - 2015-07-26 08:46 - 00000000 _____ C:\Users\jan\defogger_reenable
2015-07-26 08:45 - 2015-07-26 08:45 - 00050477 _____ C:\Users\jan\Downloads\Defogger.exe
2015-07-24 13:44 - 2015-07-24 13:44 - 00000000 ____D C:\Users\jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-24 09:08 - 2015-07-24 09:08 - 00001606 _____ C:\Users\jan\AppData\Local\recently-used.xbel
2015-07-24 09:05 - 2015-07-24 09:08 - 00000000 ____D C:\Users\jan\AppData\Local\gtk-2.0
2015-07-24 09:05 - 2015-07-24 09:05 - 00000000 ____D C:\Users\jan\.thumbnails
2015-07-24 09:03 - 2015-07-24 09:14 - 00000000 ____D C:\Users\jan\.gimp-2.8
2015-07-24 09:03 - 2015-07-24 09:03 - 00000000 ____D C:\Users\jan\AppData\Local\gegl-0.2
2015-07-24 09:02 - 2015-07-24 09:02 - 00000917 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-07-24 09:01 - 2015-07-24 09:01 - 00000000 ____D C:\Program Files\GIMP 2
2015-07-24 08:57 - 2015-07-24 08:59 - 91931728 _____ (The GIMP Team ) C:\Users\jan\Downloads\gimp-2.8.14-setup-1.exe
2015-07-23 14:31 - 2015-07-23 14:32 - 00000000 ____D C:\Users\jan\Documents\Fax
2015-07-22 12:25 - 2015-07-22 12:26 - 01275020 _____ C:\Users\jan\Downloads\powerpress.6.0.3.zip
2015-07-21 21:29 - 2015-07-21 21:29 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-21 08:10 - 2015-07-14 16:14 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-07-21 08:10 - 2015-07-14 16:14 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-07-21 08:10 - 2015-07-14 16:14 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-07-21 08:10 - 2015-07-14 16:13 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-07-20 13:06 - 2015-07-20 13:06 - 00000000 ____D C:\Users\jan\Desktop\Homepage
2015-07-18 21:42 - 2015-07-18 21:43 - 00230546 _____ C:\Users\jan\Downloads\pinterest-pin-it-button.2.1.0.1.zip
2015-07-18 15:46 - 2015-07-18 15:46 - 00105714 _____ C:\Users\jan\Downloads\posts-by-tag.3.1.3.zip
2015-07-18 14:27 - 2015-07-18 14:27 - 00006030 _____ C:\Users\jan\Downloads\display-posts-shortcode.2.4.zip
2015-07-17 18:30 - 2015-07-17 18:30 - 00000000 ____D C:\Users\jan\AppData\Local\CEF
2015-07-16 11:27 - 2015-07-16 11:27 - 00053350 _____ C:\Users\jan\Downloads\Anzeigenbericht.csv
2015-07-16 08:29 - 2015-07-26 09:34 - 00001146 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-16 08:29 - 2015-07-16 08:29 - 00004118 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 08:26 - 2015-07-16 08:26 - 00003882 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-16 08:24 - 2015-07-26 09:37 - 00001142 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-15 13:03 - 2015-07-26 00:07 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-07-15 13:03 - 2015-07-15 13:11 - 00003916 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-07-15 12:59 - 2015-07-15 12:59 - 01187520 _____ (Adobe Systems Incorporated) C:\Users\jan\Downloads\flashplayer18pp_fa_install.exe
2015-07-15 10:38 - 2015-07-15 10:39 - 16585328 _____ C:\Users\jan\Downloads\thrive-visual-editor.zip
2015-07-15 08:38 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2015-07-15 08:38 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-07-15 08:38 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-07-15 08:38 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2015-07-15 08:38 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-07-15 08:38 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-07-15 08:38 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-07-15 08:38 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2015-07-15 08:38 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-07-15 08:38 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-07-15 08:38 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-07-15 08:38 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-07-15 08:38 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-07-15 08:37 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-07-15 08:37 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-07-15 08:37 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-07-15 08:37 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-07-15 08:37 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-07-15 08:37 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-07-15 08:37 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-07-15 08:37 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-07-15 08:37 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-07-15 08:37 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-07-15 08:37 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-07-15 08:37 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-07-15 08:37 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-07-15 08:37 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-07-15 08:37 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-07-15 08:37 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-07-15 08:37 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-07-15 08:37 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-07-15 08:37 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-07-15 08:37 - 2015-06-29 17:07 - 01084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-07-15 08:37 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-07-15 08:37 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-07-15 08:37 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-07-15 08:37 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-07-15 08:37 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-07-15 08:37 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-07-15 08:37 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-07-15 08:37 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-07-15 08:37 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-07-15 08:37 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-07-15 08:37 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-07-15 08:37 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-07-15 08:37 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-07-15 08:37 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-07-15 08:37 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-07-15 08:37 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-07-15 08:37 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-07-15 08:37 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-07-15 08:37 - 2015-05-11 20:17 - 01201664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-07-15 08:37 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-07-15 08:37 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-07-15 08:37 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-07-15 08:37 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2015-07-15 08:37 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-07-15 08:37 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2015-07-15 08:37 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2015-07-15 08:37 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 08:37 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 08:37 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-07-15 08:37 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-07-15 08:37 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-07-15 08:37 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2015-07-15 08:37 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-07-15 08:37 - 2014-11-04 21:25 - 00059712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-07-15 08:37 - 2014-11-04 21:25 - 00051008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-07-15 08:37 - 2014-11-04 08:55 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-07-15 08:37 - 2014-11-04 08:54 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-07-15 08:37 - 2014-11-04 08:54 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-07-15 08:37 - 2014-11-04 08:54 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-07-15 08:36 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-07-15 08:36 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-07-15 08:36 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-07-15 08:36 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-07-15 08:36 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-07-15 08:36 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-07-15 08:36 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2015-07-15 08:36 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2015-07-15 08:36 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-07-15 08:36 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-07-15 08:36 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-07-15 08:36 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-07-15 08:36 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2015-07-15 08:36 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2015-07-15 08:36 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-07-15 08:36 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-07-15 08:36 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-07-15 08:36 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-07-15 08:36 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-07-15 08:36 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-07-15 08:36 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-07-15 08:36 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-07-15 08:36 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-07-15 08:36 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-07-15 08:36 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-07-15 08:36 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-07-15 08:36 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-07-15 08:36 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-07-15 08:36 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2015-07-15 08:36 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2015-07-15 08:36 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-07-15 08:36 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-07-15 08:36 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-07-15 08:36 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-07-15 08:36 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-07-15 08:36 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-07-15 08:36 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-07-15 08:36 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-07-15 08:36 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-07-15 08:36 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-07-15 08:36 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-07-15 08:36 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-07-15 08:36 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-07-15 08:36 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2015-07-15 08:36 - 2015-04-28 15:13 - 00513480 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-07-15 08:36 - 2015-04-28 15:13 - 00513480 _____ C:\WINDOWS\system32\locale.nls
2015-07-15 08:36 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-07-15 08:36 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-07-15 08:32 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-07-15 08:32 - 2015-05-02 01:33 - 00410739 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-07-15 08:31 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2015-07-15 08:31 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2015-07-13 21:47 - 2015-07-13 21:47 - 00023046 _____ C:\Users\jan\Downloads\Bericht _Suchbegriffe_13_7.csv
2015-07-11 10:32 - 2015-07-11 10:32 - 06483456 _____ (Tim Kosse) C:\Users\jan\Downloads\FileZilla_3.12.0.2_win64-setup.exe
2015-07-10 20:20 - 2015-07-10 20:20 - 00000000 ____D C:\Users\jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AdWords Editor
2015-07-10 20:20 - 2015-07-10 20:20 - 00000000 ____D C:\Users\jan\AppData\Roaming\Google
2015-07-10 20:18 - 2015-07-10 20:19 - 54439936 _____ C:\Users\jan\Downloads\google_adwords_editor_de.msi
2015-07-10 17:05 - 2015-07-10 17:05 - 00010092 _____ C:\Users\jan\Desktop\HTML5-1.html
2015-07-10 16:00 - 2015-07-10 16:00 - 11336344 _____ C:\Users\jan\Downloads\backup_2015-07-10-1359_Medizin_und_Lebenskunst_Akademie_04508dac4fca-plugins.zip.part
2015-07-10 15:57 - 2015-07-10 15:57 - 00412238 _____ C:\Users\jan\Downloads\backup_2015-07-10-1359_Medizin_und_Lebenskunst_Akademie_04508dac4fca-db.gz
2015-07-08 21:13 - 2015-07-08 21:13 - 21233222 _____ C:\Users\jan\Downloads\jan.zip
2015-07-06 12:13 - 2015-07-06 19:46 - 00625664 _____ C:\Users\jan\Desktop\Kopie von Max Glucose Tabelle Jul 15.xls
2015-07-05 01:33 - 2015-07-05 01:33 - 00624128 _____ C:\Users\jan\Desktop\Kopie von Glukosetabelle_neu.xls
2015-07-03 14:47 - 2015-07-17 15:36 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-07-03 14:47 - 2015-07-03 14:47 - 00002074 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-07-03 10:04 - 2015-07-03 10:04 - 02362290 _____ C:\Users\jan\Downloads\wptouch-pro-latest.zip
2015-07-03 09:53 - 2015-07-03 09:53 - 05700060 _____ C:\Users\jan\Downloads\jetpack.3.5.3.zip
2015-07-02 21:21 - 2015-07-02 23:33 - 00000000 ____D C:\Users\jan\Downloads\B324-15D_01(2)
2015-07-02 21:21 - 2015-07-02 21:21 - 00677095 _____ C:\Users\jan\Downloads\B324-15D_01(2).zip
2015-07-02 21:13 - 2015-07-02 21:13 - 00677095 _____ C:\Users\jan\Downloads\B324-15D_01(1).zip
2015-07-02 20:55 - 2015-07-02 20:55 - 00677095 _____ C:\Users\jan\Downloads\B324-15D_01.zip
2015-07-02 19:25 - 2015-07-02 19:25 - 02868507 _____ C:\Users\jan\Downloads\wp-mobile-detector.3.3.zip
2015-07-02 19:01 - 2015-07-02 19:01 - 00532731 _____ C:\Users\jan\Downloads\highwind.1.2.7(1).zip
2015-07-02 18:41 - 2015-07-02 18:41 - 02460070 _____ C:\Users\jan\Downloads\wptouch.3.8.1(1).zip
2015-07-02 18:37 - 2015-07-02 18:37 - 00099591 _____ C:\Users\jan\Downloads\any-mobile-theme-switcher.1.8.zip
2015-07-02 18:36 - 2015-07-02 18:36 - 02460070 _____ C:\Users\jan\Downloads\wptouch.3.8.1.zip
2015-07-02 18:20 - 2015-07-02 18:20 - 00532731 _____ C:\Users\jan\Downloads\highwind.1.2.7.zip
2015-07-02 17:44 - 2015-07-24 17:36 - 00632832 _____ C:\Users\jan\Desktop\Max Glucose Tabelle Jul 15.xls
2015-07-02 14:53 - 2015-07-02 14:53 - 00776603 _____ C:\Users\jan\Downloads\mobileview.zip
2015-07-02 14:27 - 2015-07-02 14:27 - 00102814 _____ C:\Users\jan\Downloads\mobiletheme.zip
2015-07-02 14:03 - 2015-07-02 14:03 - 00300075 _____ C:\Users\jan\Downloads\mobile-smart.zip
2015-07-02 12:13 - 2015-07-02 12:13 - 00444749 _____ C:\Users\jan\Downloads\rocket-wp-mobile.0.4.zip
2015-07-02 12:11 - 2015-07-02 12:11 - 01398908 _____ C:\Users\jan\Downloads\add-premium-functionality.zip
2015-07-02 11:35 - 2015-07-02 11:35 - 00292770 _____ C:\Users\jan\Downloads\backup_2015-07-02-1021_Medizin_und_Lebenskunst_Akademie_6d3c6a381f1d-others.zip
2015-07-02 11:34 - 2015-07-02 11:34 - 09126018 _____ C:\Users\jan\Downloads\backup_2015-07-02-1021_Medizin_und_Lebenskunst_Akademie_6d3c6a381f1d-uploads.zip
2015-07-02 11:33 - 2015-07-02 11:33 - 03638605 _____ C:\Users\jan\Downloads\backup_2015-07-02-1021_Medizin_und_Lebenskunst_Akademie_6d3c6a381f1d-themes.zip
2015-07-02 11:32 - 2015-07-02 11:32 - 11176897 _____ C:\Users\jan\Downloads\backup_2015-07-02-1021_Medizin_und_Lebenskunst_Akademie_6d3c6a381f1d-plugins.zip
2015-07-02 11:30 - 2015-07-02 11:30 - 00363691 _____ C:\Users\jan\Downloads\backup_2015-07-02-1021_Medizin_und_Lebenskunst_Akademie_6d3c6a381f1d-db.gz
2015-07-02 00:12 - 2015-07-26 09:36 - 00003438 _____ C:\WINDOWS\setupact.log
2015-07-02 00:12 - 2015-07-02 00:12 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-06-30 09:52 - 2015-06-30 09:52 - 00036043 _____ C:\Users\jan\Downloads\www-panelsell-com_20150630T075207Z_SearchAnalytics.csv
2015-06-26 13:16 - 2015-06-26 13:16 - 00608677 _____ C:\Users\jan\Downloads\wp-google-analytics-events.1.6.zip
2015-06-26 13:13 - 2015-06-26 13:13 - 00008294 _____ C:\Users\jan\Downloads\gravitate-event-tracking.zip

==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-07-26 09:45 - 2013-11-14 09:27 - 01780340 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-07-26 09:45 - 2013-11-14 09:11 - 00765378 _____ C:\WINDOWS\system32\perfh007.dat 2015-07-26 09:45 - 2013-11-14 09:11 - 00159696 _____ C:\WINDOWS\system32\perfc007.dat 2015-07-26 09:43 - 2015-06-16 08:31 - 00001244 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1644989510-745574122-4044334557-1001UA.job 2015-07-26 09:43 - 2013-12-18 11:33 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1644989510-745574122-4044334557-1001 2015-07-26 09:41 - 2014-01-17 23:58 - 01168669 _____ C:\WINDOWS\WindowsUpdate.log 2015-07-26 09:40 - 2013-12-18 11:27 - 00000062 _____ C:\Users\jan\AppData\Roaming\sp_data.sys 2015-07-26 09:39 - 2014-11-04 11:42 - 00000000 ___RD C:\Users\jan\Dropbox 2015-07-26 09:38 - 2015-05-30 09:17 - 00000674 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1644989510-745574122-4044334557-1001.job 2015-07-26 09:38 - 2014-11-04 11:38 - 00000000 ____D C:\Users\jan\AppData\Roaming\Dropbox 2015-07-26 09:38 - 2013-12-22 15:44 - 00000000 ____D C:\Users\jan\AppData\Local\Spotify 2015-07-26 09:38 - 2013-12-22 15:43 - 00000000 ____D C:\Users\jan\AppData\Roaming\Spotify 2015-07-26 09:37 - 2015-05-15 19:04 - 00000000 ____D C:\Users\jan\AppData\Local\TSVNCache 2015-07-26 09:37 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-07-26 09:36 - 2014-01-17 23:59 - 00000000 ____D C:\ProgramData\NVIDIA 2015-07-26 09:35 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2015-07-26 09:34 - 2014-01-18 00:19 - 01242112 ___SH C:\Users\jan\Desktop\Thumbs.db 2015-07-26 09:24 - 2014-06-13 13:04 - 00000578 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1644989510-745574122-4044334557-1001.job 2015-07-26 09:12 - 2013-12-22 15:06 - 11235328 ___SH C:\Users\jan\Downloads\Thumbs.db 2015-07-26 09:04 - 2013-12-19 12:56 - 00000000 ____D C:\Users\jan\AppData\Roaming\Skype 2015-07-26 09:02 - 2013-08-22 17:36 - 00000000 ____D 
C:\WINDOWS\system32\sru 2015-07-26 08:53 - 2015-05-05 16:09 - 00000000 ____D C:\Users\jan\Desktop\Medizin und Lebenskunst Akademie 2015-07-26 08:46 - 2014-01-18 00:02 - 00000000 ____D C:\Users\jan 2015-07-26 08:21 - 2014-01-18 02:52 - 00003942 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{47914F28-FFAC-45B3-9F19-9481FF8DCC30} 2015-07-26 00:08 - 2013-12-18 16:17 - 00002202 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-07-25 18:42 - 2015-06-16 08:31 - 00001192 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1644989510-745574122-4044334557-1001Core.job 2015-07-25 08:33 - 2015-04-05 10:32 - 00000000 ___SD C:\WINDOWS\system32\GWX 2015-07-25 08:32 - 2014-02-21 07:35 - 00003102 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1644989510-745574122-4044334557-1001 2015-07-25 08:32 - 2013-12-19 18:31 - 00000000 ___RD C:\Users\jan\SkyDrive 2015-07-25 08:21 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM 2015-07-24 08:01 - 2013-11-14 00:18 - 00042546 _____ C:\WINDOWS\PFRO.log 2015-07-23 14:32 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp 2015-07-23 10:52 - 2014-02-11 22:54 - 00641024 ___SH C:\Users\jan\Documents\Thumbs.db 2015-07-22 14:34 - 2014-02-01 03:06 - 00000000 ____D C:\Users\jan\AppData\Roaming\Audacity 2015-07-21 21:27 - 2013-08-22 16:44 - 00624040 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-07-21 09:17 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-07-21 08:14 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-07-21 00:10 - 2014-01-18 01:23 - 00000000 ____D C:\Users\jan\AppData\Roaming\FileZilla 2015-07-20 22:17 - 2013-12-26 01:49 - 00000000 ____D C:\Users\jan\AppData\Local\CrashDumps 2015-07-20 16:02 - 2014-07-19 13:18 - 00000000 ____D C:\Users\jan\Documents\My Kindle Content 2015-07-18 18:37 - 2015-06-16 08:31 - 00004186 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1644989510-745574122-4044334557-1001UA 2015-07-18 18:37 - 2015-06-16 
08:31 - 00003806 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1644989510-745574122-4044334557-1001Core 2015-07-17 12:03 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache 2015-07-17 00:14 - 2014-12-11 00:27 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-07-17 00:14 - 2014-07-12 21:02 - 00000000 ___SD C:\WINDOWS\system32\CompatTel 2015-07-17 00:14 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData 2015-07-17 00:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\WinStore 2015-07-16 17:22 - 2013-12-18 15:22 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-07-16 17:14 - 2015-04-05 10:32 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX 2015-07-15 17:13 - 2014-11-13 11:00 - 00000000 __SHD C:\Users\jan\AppData\Local\EmieBrowserModeList 2015-07-15 17:13 - 2014-04-30 13:11 - 00000000 __SHD C:\Users\jan\AppData\Local\EmieUserList 2015-07-15 17:13 - 2014-04-30 13:11 - 00000000 __SHD C:\Users\jan\AppData\Local\EmieSiteList 2015-07-15 15:37 - 2013-12-20 18:53 - 00000000 ____D C:\Users\jan\AppData\Local\Adobe 2015-07-15 08:09 - 2014-12-11 19:12 - 00003862 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1418317910 2015-07-15 08:09 - 2014-12-11 19:12 - 00001070 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-07-15 08:09 - 2014-12-11 19:11 - 00000000 ____D C:\Program Files (x86)\Opera 2015-07-14 22:03 - 2014-12-27 10:11 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2015-07-13 23:10 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-07-13 23:10 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-07-13 22:45 - 2014-06-13 10:23 - 00000000 ____D C:\Users\jan\Desktop\panelsell 2015-07-12 11:49 - 2015-05-30 09:17 - 00003680 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-1644989510-745574122-4044334557-1001 2015-07-12 11:49 - 2014-06-13 13:04 - 00003584 _____ 
C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-1644989510-745574122-4044334557-1001 2015-07-10 20:20 - 2013-12-18 16:15 - 00000000 ____D C:\Users\jan\AppData\Local\Google 2015-07-10 07:50 - 2015-06-02 20:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-07-10 07:50 - 2014-03-15 17:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-07-04 18:53 - 2013-12-18 11:27 - 00000000 ____D C:\Users\jan\AppData\Roaming\Adobe 2015-07-04 17:04 - 2015-06-03 08:23 - 00000000 ____D C:\Users\jan\Desktop\max 2015-07-04 12:43 - 2014-09-17 17:41 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-07-04 12:43 - 2013-12-19 12:55 - 00000000 ____D C:\ProgramData\Skype 2015-07-03 14:47 - 2013-12-20 18:56 - 00000000 ____D C:\Program Files (x86)\Adobe 2015-07-03 14:46 - 2013-03-01 22:00 - 00000000 ____D C:\ProgramData\Adobe 2015-07-03 08:43 - 2013-12-18 15:22 - 130333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-07-01 08:54 - 2012-07-26 07:26 - 00000223 _____ C:\WINDOWS\win.ini 2015-06-30 20:50 - 2014-06-29 13:15 - 00000000 ____D C:\Users\jan\Desktop\Rappazzo 2015-06-29 23:46 - 2015-03-28 13:34 - 00000000 ____D C:\Users\jan\Desktop\B628 2015-06-27 10:44 - 2013-12-28 22:51 - 00000000 ____D C:\Program Files (x86)\iTunes ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-08-20 15:29 - 2014-08-20 15:31 - 0610360 _____ () C:\Users\jan\AppData\Roaming\Scorch_Install.log 2013-12-18 11:27 - 2015-07-26 09:40 - 0000062 _____ () C:\Users\jan\AppData\Roaming\sp_data.sys 2014-01-25 18:54 - 2014-01-25 18:54 - 0004608 _____ () C:\Users\jan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-01-13 18:23 - 2014-01-13 18:23 - 0004096 ____H () C:\Users\jan\AppData\Local\keyfile3.drm 2014-06-22 18:25 - 2014-08-13 10:55 - 0000600 _____ () C:\Users\jan\AppData\Local\PUTTY.RND 2015-07-24 09:08 - 2015-07-24 09:08 - 0001606 _____ () C:\Users\jan\AppData\Local\recently-used.xbel 2014-03-19 14:26 - 2014-10-09 09:40 - 
0001390 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
C:\Users\jan\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpc78nya.dll

==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-07-25 10:23

==================== Ende von log ============================

Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-07-2015
durchgeführt von jan an 2015-07-26 09:49:37
Gestartet von C:\Users\jan\Downloads
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-1644989510-745574122-4044334557-500 - Administrator - Disabled)
Gast (S-1-5-21-1644989510-745574122-4044334557-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1644989510-745574122-4044334557-1007 - Limited - Enabled)
jan (S-1-5-21-1644989510-745574122-4044334557-1001 - Administrator - Enabled) => C:\Users\jan
UpdatusUser (S-1-5-21-1644989510-745574122-4044334557-1005 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Norton Internet Security (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4500_G510gm_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden 4500G510gm (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden 4500G510gm_Software_Min (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) ActiveState Komodo Edit 8.5.3 (HKLM-x32\...\{E65B87D8-30C4-4FB0-8C24-AFD64950A881}) (Version: 8.5.3 - ActiveState Software Inc.) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated) Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.203 - Adobe Systems Incorporated) Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.5.155 - Adobe Systems, Inc.) AdWords Editor (HKLM-x32\...\{7690724C-0329-4830-97DE-F765D5AD7705}) (Version: 11.1.2 - Google) AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.07 - ASUSTeK Computer Inc.) Amazon Kindle (HKU\S-1-5-21-1644989510-745574122-4044334557-1001\...\Amazon Kindle) (Version: - Amazon) Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) 
ASUS Easy Update (HKLM-x32\...\{E7AA854E-6756-424E-84C2-4E47D5729AFF}) (Version: 2.00.30 - ASUSTeK Computer Inc) ASUS Key Suite (HKLM-x32\...\{71E2F4D6-191A-4A36-8A5C-8AFEA92729C9}) (Version: 1.02.01 - ASUSTeK Computer Inc.) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.10 - ASUS) ASUS MX Suite (HKLM-x32\...\MAGIX_{E2053DE3-D33E-4152-B99F-7F43AF0FF434}) (Version: 1.13.0.121 - MAGIX AG) ASUS MX Suite (Version: 1.13.0.121 - MAGIX AG) Hidden ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0002 - ASUS) ASUS Transformer AiO (HKLM-x32\...\{27511FFF-5E1F-491C-8128-152DF1437EC2}) (Version: 1.04.01 - ASUSTeK Computer Inc.) ASUS Video easy (HKLM-x32\...\MAGIX_{4899C92E-4141-4877-83E6-87ED0AC2F458}) (Version: 3.0.1.42 - MAGIX AG) ASUS Video easy (Version: 3.0.1.42 - MAGIX AG) Hidden ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.27 - ASUS) ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.10.123 - ASUS Cloud Corporation) ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.) ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.) AudibleManager (HKLM-x32\...\AudibleManager) (Version: 3146416.1637764.4759644.48 - Audible, Inc.) AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin) Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation) Blackboard Collaborate Launcher (HKLM-x32\...\{7D82D616-8BD8-4BE3-B19C-C4BC772E8426}) (Version: 1.2.0.0 - Blackboard) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) 
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden Citrix Online Launcher (HKLM-x32\...\{F17C3DC2-2ACA-4B0E-BDBF-ACE61B14E7CD}) (Version: 1.0.183 - Citrix) Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Connection Builder (HKLM-x32\...\{BFD3F8C8-370C-472A-9817-546A2587E42C}) (Version: 1.02.10 - ASUSTeK Computer Inc.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden Dropbox (HKU\S-1-5-21-1644989510-745574122-4044334557-1001\...\Dropbox) (Version: 3.6.9 - Dropbox, Inc.) eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.05 - ASUSTeK Computer Inc.) ENE CIR Receiver Driver (HKLM\...\418374E8BD1F08FCA12E6AEC5F8FD985D836DC4B) (Version: 4.0.0.0 - ENE) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Ezvid (HKLM-x32\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 0982 - Ezvid, inc.) 
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden FileZilla Client 3.10.3 (HKLM-x32\...\FileZilla Client) (Version: 3.10.3 - Tim Kosse) Fingertapps Instruments (HKLM-x32\...\{A9D04D4D-D330-4402-854E-E4EF8AD26E8B}) (Version: 2.0.143.0 - Fingertapps) Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG) Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.1.1.1 - Genesys Logic) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.107 - Google Inc.) Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden GoToMeeting 7.2.3.3019 (HKU\S-1-5-21-1644989510-745574122-4044334557-1001\...\GoToMeeting) (Version: 7.2.3.3019 - CitrixOnline) GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Officejet 4500 G510g-m 14.0 Rel. 
6 (HKLM\...\{C55BF64E-60E1-494C-B1EB-97A008141A55}) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden IBP 12.0.4 (HKLM-x32\...\IBP12_is1) (Version: 12.0.4 - Axandra GmbH) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation) IP Camera Adapter (HKLM-x32\...\{6D140BFF-7CC5-4BFE-AD6D-47035FFE5F14}) (Version: 2.0.0.0 - Pavel Khlebovich) iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.) 
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) Kindle Converter (HKLM-x32\...\kindleConverter) (Version: 1.2.1 - eBook Converter) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Lexware Info Service (HKLM-x32\...\{85BF9FDB-BD5B-407C-9CAE-3542E5164783}) (Version: 4.00.00.0075 - Haufe-Lexware GmbH & Co.KG) MAGIX Music Maker Touch (HKLM-x32\...\MAGIX_{D4CD63D9-77ED-4333-9FDD-83EDE82B888E}) (Version: 16.9.1.34 - MAGIX AG) MAGIX Music Maker Touch (Version: 16.9.1.34 - MAGIX AG) Hidden MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{F6E484FB-BC48-4A63-8186-E25DF4607B3B}) (Version: 7.0.2.6 - MAGIX AG) MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden MAGIX Video deluxe 2014 Premium (HKLM-x32\...\MX.{FBCA50BE-C022-45DA-9261-10230EC1012E}) (Version: 13.0.2.8 - MAGIX AG) MAGIX Video deluxe 2014 Premium (Version: 13.0.2.8 - MAGIX AG) Hidden Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation) Microsoft Office Professional Edition 2003 (HKLM-x32\...\{91110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1644989510-745574122-4044334557-1001\...\OneDriveSetup.exe) (Version: 17.3.5907.0716 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU 
(HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0407-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation) MIT App Inventor Tools 2.3.0 (HKLM-x32\...\MIT App Inventor Tools) (Version: 2.3.0 - Massachusetts Institute of Technology) Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 23.012.05.00.382 - Huawei Technologies Co.,Ltd) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla) Mozilla Maintenance Service 
(HKLM-x32\...\MozillaMaintenanceService) (Version: 31.5.0 - Mozilla) Mozilla Thunderbird 31.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.5.0 (x86 de)) (Version: 31.5.0 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) NaturalReader12 (HKLM-x32\...\{C343E2F9-2074-4577-9A4A-6AB22BF48C39}) (Version: 1.00.0000 - Naturalsoft limited) NaturalReaderFree (HKLM-x32\...\{262EFBD9-A907-490F-81F4-561FDD3A8C5C}) (Version: 1.00.0000 - Naturalsoft limited) Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.7.0.11 - Symantec Corporation) NVIDIA 3D Vision Controller Driver 311.03 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 311.03 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation) NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation) NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation) OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP) oDesk Team (HKU\S-1-5-21-1644989510-745574122-4044334557-1001\...\oDVT) (Version: - oDesk Corporation) Opera Stable 30.0.1835.125 (HKLM-x32\...\Opera 30.0.1835.125) (Version: 30.0.1835.125 - Opera Software) P1801 System Behavior (HKLM-x32\...\{FAD76E43-5857-4915-A10F-D02616A5C6E6}) (Version: 1.00.04 - ASUSTeK Computer Inc.) 
PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Peter (HKLM-x32\...\{885A38DF-FED2-4B4C-870B-C740F0D3EA6C}) (Version: 1.00.0000 - Naturalsoft) PhonerLite 2.16 (HKLM-x32\...\PhonerLite_is1) (Version: 2.16 - Heiko Sommerfeldt) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) R for Windows 3.1.2 (HKLM\...\R for Windows 3.1.2_is1) (Version: 3.1.2 - R Core Team) Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Rachel (HKLM-x32\...\{F0CB5974-4CDB-4C09-9AE0-FF4DE9DEF28F}) (Version: 1.00.0000 - Naturalsoft) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6777 - Realtek Semiconductor Corp.) Respondus LockDown Browser (HKLM-x32\...\{C0E5147E-C9F3-4360-9ED0-2E875F11766C}) (Version: 1.02.0001 - Respondus, Inc.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) RStudio (HKLM-x32\...\RStudio) (Version: 0.98.1091 - RStudio) Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Sibelius Scorch (Firefox, Opera, Netscape, Chrome only) (HKLM-x32\...\{41626CC0-A854-4402-AD06-D7939515C282}) (Version: 6.2.0 - Sibelius Software, a division of Avid Technology, Inc.) simplitec simplicheck (HKLM-x32\...\{183D780B-28F9-41BA-A2CB-605F324A5781}) (Version: 1.3.10.0 - simplitec GmbH) Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.) SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.) 
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 2.6.2.4 - Splashtop Inc.) Splashtop Streamer (HKLM-x32\...\InstallShield_{2EFEAD58-3311-4B2B-9D8A-8D663581D109}) (Version: 1.5.0.1 - Splashtop Inc.) Splashtop Streamer (x32 Version: 1.5.0.1 - Splashtop Inc.) Hidden Spotify (HKU\S-1-5-21-1644989510-745574122-4044334557-1001\...\Spotify) (Version: 1.0.10.107.gd0dfca3a - Spotify AB) Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TAXMAN 2014 (HKLM-x32\...\{4A1C559D-38F6-49CF-BDA5-CF354FFE04E4}) (Version: 20.06.00.0001 - Haufe-Lexware GmbH & Co.KG) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer) Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH) Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden TortoiseSVN 1.8.10.26129 (64 bit) (HKLM\...\{A9E679EC-8FD4-49D8-A5A5-ACE462515A9E}) (Version: 1.8.26129 - TortoiseSVN) Tracker (HKLM-x32\...\com.elance.tracker) (Version: 2.3.3 - Elance Inc) Tracker (x32 Version: 2.3.3 - Elance Inc) Hidden Traffic Travis 4.1.0 (HKLM-x32\...\Traffic Travis 4.1 Setup Wizard_is1) (Version: - Affilorama Ltd.) TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.3-3 - Wacom Technology Corp.) WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.) WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.) 
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) Xenu's Link Sleuth (HKLM-x32\...\Xenu's Link Sleuth) (Version: 1.3.8 - Tilman Hausherr) Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden 影像中心 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden 照片库 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1644989510-745574122-4044334557-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1644989510-745574122-4044334557-1001_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) CustomCLSID: HKU\S-1-5-21-1644989510-745574122-4044334557-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\jan\AppData\Local\Citrix\GoToMeeting\2331\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.) CustomCLSID: HKU\S-1-5-21-1644989510-745574122-4044334557-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1644989510-745574122-4044334557-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\jan\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncApi64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1644989510-745574122-4044334557-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-1644989510-745574122-4044334557-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1644989510-745574122-4044334557-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1644989510-745574122-4044334557-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1644989510-745574122-4044334557-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1644989510-745574122-4044334557-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1644989510-745574122-4044334557-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1644989510-745574122-4044334557-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) ==================== Wiederherstellungspunkte ========================= 10-07-2015 20:19:51 Installed AdWords Editor 14-07-2015 10:20:50 Removed Google Earth Plug-in. 21-07-2015 08:13:15 Windows Update ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0304D196-3F55-4C75-8D2A-505A5C2A16D7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-07-03] (Microsoft Corporation) Task: {17F5B526-67BD-46F7-A524-E08C53D95133} - System32\Tasks\G2MUpdateTask-S-1-5-21-1644989510-745574122-4044334557-1001 => C:\Users\jan\AppData\Local\Citrix\GoToMeeting\3019\g2mupdate.exe [2015-07-12] (Citrix Online, a division of Citrix Systems, Inc.) Task: {1AA12858-D64A-4D55-BE72-2CC97D8B7EF6} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.) Task: {1C732F10-93F4-491D-BD33-252D332684CD} - System32\Tasks\ASUS\ASUS Trans AiO => C:\Program Files (x86)\ASUS\ASUS Transformer AiO\TaichiHome.exe [2013-04-26] (ASUSTeK Computer Inc.) Task: {1EC8FC84-46BA-44D6-882B-E0F60751CBD7} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe [2015-07-15] (Adobe Systems Incorporated) Task: {357B28EE-099D-4CA3-BC15-3CFFFD953EF2} - System32\Tasks\ASUS\ASUS Transformer AiO Helper => C:\Program Files (x86)\ASUS\ASUS Transformer AiO\AsRunASUSTransformerAiO.exe [2013-01-16] (ASUSTeK Computer Inc.) Task: {3F73A1A0-FAE4-4630-BC34-0B7CB3EA29BA} - System32\Tasks\ASUS\P1801 System Behavior => C:\Program Files\ASUS\P1801 System Behavior\P1801Ctrl.exe [2013-03-29] (ASUSTeK Computer Inc.) 
Task: {40F53ED5-EDD6-497D-9802-4C16A4CDD658} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-27] (ASUS) Task: {4C9C085A-E2DC-4FB6-BCAC-E949A33352C0} - System32\Tasks\ASUS\ASUS Easy Update => C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe [2012-11-20] (ASUSTeK Computer Inc.) Task: {5F839F47-DD69-438B-8A33-39AA042C22B0} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {610A312C-003A-434B-BFBA-5A738D671655} - System32\Tasks\ASUS\ASUS Transformer AiO => C:\Program Files (x86)\ASUS\ASUS Transformer AiO\TaichiHome.exe [2013-04-26] (ASUSTeK Computer Inc.) Task: {6872AC92-2C6C-41A3-94C4-C3A296226292} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-18] (Google Inc.) Task: {73E93683-28DB-486B-B800-9A47025AFEE9} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2012-11-27] () Task: {82684D69-05F5-4139-87B4-EC26C4F1C5F3} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {88DC8776-E083-4285-B665-AC82C22A241D} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\WSCStub.exe [2015-07-09] (Symantec Corporation) Task: {97410B41-0E06-4671-BCB0-C2850CBEB174} - System32\Tasks\ASUS\P1801 Connection Builder => C:\Program Files (x86)\ASUS\Connection Builder\ConBuilder.exe [2013-01-29] (ASUSTeK Computer Inc.) Task: {988D7C70-74F1-42BE-B40F-D6B35322C9A3} - System32\Tasks\ASUS\ASUS Key Suite Helper => C:\Program Files (x86)\ASUS\ASUS Key Suite\AsRunKeySuite.exe [2012-11-23] (ASUSTeK Computer Inc.) 
Task: {99F3A0C2-32C2-4523-A014-EFF66F0DCD1B} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1644989510-745574122-4044334557-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe Task: {9DB716A0-D6DA-4A70-87D5-9128AF467DAC} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1644989510-745574122-4044334557-1001UA => C:\Users\jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.) Task: {AEC41C1D-0A32-4EBC-ADA7-4EC8C316C2BD} - System32\Tasks\ASUS\ASUS Trans AiO Helper => C:\Program Files (x86)\ASUS\ASUS Transformer AiO\AsRunASUSTransAiO.exe [2013-04-25] (ASUSTeK Computer Inc.) Task: {C4EA86FF-B85E-4174-986C-09CAC8E7FAB0} - System32\Tasks\G2MUploadTask-S-1-5-21-1644989510-745574122-4044334557-1001 => C:\Users\jan\AppData\Local\Citrix\GoToMeeting\3019\g2mupload.exe [2015-07-12] (Citrix Online, a division of Citrix Systems, Inc.) Task: {D8328169-91AF-4F36-9181-EA4493C84E78} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-18] (Google Inc.) Task: {D8AFEB54-E1D5-428E-9456-77E3726F5DF9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {F45BB995-5D71-4B7B-A0A2-5B1A40E75CED} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1644989510-745574122-4044334557-1001Core => C:\Users\jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.) Task: {FD5DDEAB-043F-42FA-8E8F-7EE219B0EBFA} - System32\Tasks\Opera scheduled Autoupdate 1418317910 => C:\Program Files (x86)\Opera\launcher.exe [2015-07-10] (Opera Software) Task: {FF5C0B5B-29BC-4CD8-9A3A-2B3559B46067} - System32\Tasks\{1CF4E19A-2EC8-4A76-A51A-3B159D1E0B1F} => pcalua.exe -a C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_235_Plugin.exe -c -maintain plugin (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. 
Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1644989510-745574122-4044334557-1001Core.job => C:\Users\jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1644989510-745574122-4044334557-1001UA.job => C:\Users\jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1644989510-745574122-4044334557-1001.job => C:\Users\jan\AppData\Local\Citrix\GoToMeeting\3019\g2mupdate.exe Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1644989510-745574122-4044334557-1001.job => C:\Users\jan\AppData\Local\Citrix\GoToMeeting\3019\g2mupload.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2013-04-10 07:58 - 2013-04-10 07:58 - 00351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe 2014-06-06 12:21 - 2013-05-21 09:28 - 00656976 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe 2015-03-29 12:29 - 2015-03-29 12:29 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2014-12-17 21:31 - 2014-12-17 21:31 - 00076032 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll 2014-12-17 21:30 - 2014-12-17 21:30 - 00088832 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll 2013-12-20 11:36 - 2012-10-18 12:17 - 00010752 _____ () C:\Program Files (x86)\ASUS\ASUS Transformer AiO\WMIProcX64.dll 2012-11-27 04:43 - 2012-11-27 04:43 - 00171224 _____ () C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe 2014-02-06 19:29 - 2014-01-13 18:24 - 01356568 _____ () C:\Program 
Files\Tablet\Pen\libxml2.dll 2013-03-15 10:00 - 2012-11-08 11:59 - 00040960 _____ () C:\Windows\SysWOW64\UMonit.exe 2013-09-13 20:51 - 2013-09-13 20:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2013-09-13 20:51 - 2013-09-13 20:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-06-06 12:21 - 2009-01-10 20:32 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll 2014-06-06 12:21 - 2009-06-23 04:42 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll 2014-06-06 12:21 - 2012-10-31 11:11 - 02417152 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll 2014-06-06 12:21 - 2012-10-31 11:14 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll 2014-06-06 12:21 - 2013-05-21 09:20 - 00839680 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll 2014-06-06 12:21 - 2012-10-31 11:11 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll 2015-03-29 12:29 - 2015-03-29 12:29 - 00039384 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll 2013-03-01 21:56 - 2012-11-19 21:04 - 00050688 _____ () C:\Program Files (x86)\ASUS\ASUS Easy Update\AsMultiLang.dll 2013-03-01 21:56 - 2010-10-05 18:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\Connection Builder\pngio.dll 2013-03-01 21:56 - 2012-08-23 03:25 - 00071680 _____ () C:\Program Files (x86)\ASUS\Connection Builder\SYWlan.dll 2015-03-05 23:14 - 2015-07-25 08:27 - 41287224 _____ () C:\Users\jan\AppData\Roaming\Spotify\libcef.dll 2014-12-17 20:53 - 2014-12-17 20:53 - 00065792 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll 2015-07-26 09:38 - 2015-07-26 09:38 - 00043008 _____ () c:\users\jan\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpc78nya.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00750080 _____ () 
C:\Users\jan\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00047616 _____ () C:\Users\jan\AppData\Roaming\Dropbox\bin\libEGL.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00865280 _____ () C:\Users\jan\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00200704 _____ () C:\Users\jan\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\jan\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00726016 _____ () C:\Users\jan\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\jan\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll 2015-07-26 00:08 - 2015-07-24 00:39 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.107\libglesv2.dll 2015-07-26 00:08 - 2015-07-24 00:39 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.107\libegl.dll 2013-09-26 12:20 - 2013-09-26 12:20 - 00176168 _____ () C:\Program Files (x86)\Lexware\Update Manager\Haufe.Core.Diagnostics.Logging.Targets.Etw.dll 2013-09-26 12:20 - 2013-09-26 12:20 - 00043048 _____ () C:\Program Files (x86)\Lexware\Update Manager\Haufe.Core.Diagnostics.Etw.dll 2015-03-05 23:14 - 2015-07-25 08:27 - 01488440 _____ () C:\Users\jan\AppData\Roaming\Spotify\libglesv2.dll 2015-03-05 23:14 - 2015-07-25 08:27 - 00079928 _____ () C:\Users\jan\AppData\Roaming\Spotify\libegl.dll 2015-03-05 23:14 - 2015-03-20 10:07 - 09305656 _____ () C:\Users\jan\AppData\Roaming\Spotify\pdf.dll 2014-10-16 11:38 - 2014-10-16 11:38 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\80a14cd14e9579821dba2282b4349fef\PSIClient.ni.dll 2013-10-29 18:26 - 2013-10-29 18:26 - 00133120 _____ () C:\Program Files (x86)\Naturalsoft\NaturalReader12\NaturalReaderOutLook.dll 2013-03-15 09:53 - 2012-06-26 
03:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2014-05-14 14:24 - 2014-05-14 14:24 - 00113600 _____ () C:\WINDOWS\assembly\GAC_32\BabTTSNet\1.0.0.0__42c06521a0e50ba0\BabTTSNet.dll 2015-03-03 10:36 - 2014-10-29 05:59 - 01029952 _____ () C:\Windows\SYSTEM32\speech\engines\tts\MSTTSEngine.dll 2015-03-03 10:33 - 2014-10-29 02:46 - 00531456 _____ () C:\Windows\SYSTEM32\speech\engines\tts\MSTTSLoc.DLL 2012-08-27 12:43 - 2012-08-27 12:43 - 00891824 _____ () C:\Program Files (x86)\Naturalsoft\acatts.dll 2012-08-27 12:29 - 2012-08-27 12:29 - 00638920 _____ () C:\Program Files (x86)\Naturalsoft\voice\bin\Selector2.dll 2012-08-27 12:37 - 2012-08-27 12:37 - 00241088 _____ () C:\Program Files (x86)\Naturalsoft\AcaTtsSapi5.dll 2013-03-01 21:56 - 2011-07-12 20:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll 2013-03-01 21:56 - 2010-10-05 09:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll 2013-03-01 21:56 - 2012-10-08 18:07 - 00972288 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll 2013-03-01 21:56 - 2012-06-19 22:56 - 01305600 ____N () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll 2013-03-01 21:56 - 2011-09-19 21:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll 2013-03-01 21:56 - 2011-07-21 10:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll 2013-03-01 21:56 - 2012-08-29 19:09 - 00875520 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll 2013-03-01 21:56 - 2010-10-05 09:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. The "AlternateShell" value will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SplashtopRemoteService => ""="Service" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer trusted/restricted =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1644989510-745574122-4044334557-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jan\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\...\StartupApproved\Run32: => "ApnTBMon" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{E333D0B2-E2CF-4C99-867E-14B415EF7F2D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [{5011372B-587D-4F63-B9C8-1A074E735004}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [{09E884DB-5940-4A25-A08B-1638E43C4328}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{F3C02302-E4FA-4211-A24E-ABF767D23E5B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [UDP Query User{40A286B9-E95A-4189-9F46-BAE1B737ED5D}C:\users\jan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\jan\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{5E31C298-DD38-4A33-8A3E-857CA9ACE48C}C:\users\jan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\jan\appdata\roaming\spotify\spotify.exe FirewallRules: [{01854289-6681-4347-B96B-E2A3ED4F4729}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe FirewallRules: [{63744664-76FE-4D7E-9AD0-B1AB7670AFA8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{92B9080E-12C9-458E-8E05-2D7F18C04F1D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{4797719A-F47E-417D-A4BE-E9FEDB6A7CCB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{77F61779-0C52-43D6-BF52-CF3B66E92D62}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{C587287D-A838-4893-86B0-F5D36A423781}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [UDP Query User{B7CFB257-BE3E-4D0D-A423-51ED5054EA6C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{E32A0187-2164-470C-90E5-5C2F502094A3}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe 
FirewallRules: [{FA953721-3CA3-4E4B-8D9E-E552E283B2DB}] => (Allow) C:\Users\jan\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{6C4CFCED-F10C-4DBE-A391-5C0A7B0377AB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{A6C99C64-7DE3-48C0-8B6C-9D3604B85938}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{A5751F2C-7BC5-43A9-9AB3-ECC2AD0A63C4}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe FirewallRules: [{ED5DA683-3D9C-4DD7-9D44-CF2F5423B209}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe FirewallRules: [{085429AB-8C99-405D-AE6F-7B9A648ABB24}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{1E887130-7A43-4CF2-B1A8-E661B59F7A20}] => (Allow) LPort=2869 FirewallRules: [{0FB754B9-C45A-4BCF-BBD0-0C57478DFFCF}] => (Allow) LPort=1900 FirewallRules: [{50E0A364-D002-45FD-AD31-A3A1C356E3EA}] => (Allow) C:\Users\jan\AppData\Local\Temp\7zS336A\setup\hpznui40.exe FirewallRules: [{685BCE4D-8618-4FE1-AE6D-D0C46CDEC35C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{D24189A7-7148-4441-8E99-ABBD85EEA4CC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{BD9A02EC-71BD-4363-963D-0D0CA050D092}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe FirewallRules: [{1B30C5A6-781E-49D2-9F5E-55F75B1906D4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe FirewallRules: [{15A43E8F-8F67-4886-B9A7-98FA45A1ECFB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{ADFF2FF5-6C04-4667-9BD3-E7C8795AACE5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{5123F0C6-5DFD-4C83-A218-48B3F6002D05}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{51C37BE2-60B4-4207-9067-D32E78519E00}] => (Allow) 
C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe FirewallRules: [{66A8D4FE-6D58-4836-B139-E69426D6186B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{70F4197A-939B-40BF-AEE8-C35752E6B4A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{BA7F2739-4253-4C54-8CBB-F008CE9F0DD7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe FirewallRules: [{57A0B836-AA9F-4BE8-A74D-33EC05BDBAD1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe FirewallRules: [{57E788E2-E1B2-4A6B-B8B2-298F5F12A748}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{88E73993-0E2D-4D98-A627-0A5C24E73634}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{4BFDF49F-A752-487F-8ED8-19104BBAA290}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{B7AE907E-7316-4A4A-B5A3-073B975DE4F7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{84326114-BFF9-4CB7-B6FB-E56795741A51}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{617EFAD5-5BE1-4E7A-8B5B-D2690BE3AAFD}] => (Allow) F:\fsetup.exe FirewallRules: [{61E99E53-3F4B-4E76-9E89-8F2E330187F5}] => (Allow) F:\fsetup.exe FirewallRules: [TCP Query User{A886C581-5D2F-41F0-9622-B029C69627EE}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{871E12E3-944F-423A-AF51-04B021BA98B9}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{8141C17A-E79B-47EF-AAD0-4A77D68370C9}] => (Allow) C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{153829EF-79CC-4A33-B885-2559172A70AE}] => (Allow) C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query 
User{F60C80E7-53C1-4955-ACF6-B61D35706853}C:\users\jan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\jan\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{7184CAB9-BA86-4154-A3D8-2799F8BE99A9}C:\users\jan\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\jan\appdata\roaming\spotify\spotify.exe FirewallRules: [{2CA7A733-5C34-4F98-B933-AC8C44B4D582}] => (Allow) C:\Users\jan\AppData\Local\Temp\nsrE941.tmp\CnetInstaller-76036949.exe FirewallRules: [{F0F88AE7-A35B-4354-8C83-6F0D4F0783F2}] => (Allow) C:\Users\jan\AppData\Local\Temp\nsrE941.tmp\CnetInstaller-76036949.exe FirewallRules: [{268517EB-FC1D-4CA9-BB1A-6825EC0E27CA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{28F4F184-3547-4DDA-BD8E-AFEC803EA045}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{72E7A09F-39E9-4A75-882D-78126AEDB369}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{F60AA166-55E7-4C6F-B896-6418232C983B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{B4A1E684-F409-43D9-A381-EE502220C80A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [{C7E0B28F-FF4C-47C5-B5D9-62554E0EFEDD}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [{76B70D28-5BE0-4E48-8DC9-D458A195EFCC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{966D90D6-8BA0-443F-9995-8E796DBE6AA1}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe FirewallRules: [{13011A3D-6E2D-4D2E-9F57-94A993CFC7D2}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe FirewallRules: [{F59576C9-C598-4878-B22D-C165C0D9D17C}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\DataProxy.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== 
Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (07/26/2015 12:14:03 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5968 Error: (07/26/2015 12:14:03 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 5968 Error: (07/26/2015 12:14:03 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/26/2015 12:14:02 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4843 Error: (07/26/2015 12:14:02 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4843 Error: (07/26/2015 12:14:02 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/26/2015 12:13:59 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2359 Error: (07/26/2015 12:13:59 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2359 Error: (07/26/2015 12:13:59 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/26/2015 12:13:58 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1109 Systemfehler: ============= Error: (07/26/2015 09:37:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Mobile Partner. 
OUC" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (07/26/2015 09:37:08 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Mobile Partner. OUC erreicht. Error: (07/26/2015 09:19:33 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (07/26/2015 09:00:09 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (07/26/2015 12:14:07 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (07/25/2015 12:53:54 PM) (Source: DCOM) (EventID: 10010) (User: janismaschine) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (07/25/2015 12:53:24 PM) (Source: DCOM) (EventID: 10010) (User: janismaschine) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (07/25/2015 12:13:06 PM) (Source: DCOM) (EventID: 10010) (User: janismaschine) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (07/25/2015 12:12:36 PM) (Source: DCOM) (EventID: 10010) (User: janismaschine) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (07/25/2015 10:47:14 AM) (Source: DCOM) (EventID: 10010) (User: janismaschine) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Microsoft Office: ========================= Error: (07/26/2015 12:14:03 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5968 Error: (07/26/2015 12:14:03 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: 
m->NextScheduledEvent 5968 Error: (07/26/2015 12:14:03 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/26/2015 12:14:02 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4843 Error: (07/26/2015 12:14:02 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4843 Error: (07/26/2015 12:14:02 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/26/2015 12:13:59 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2359 Error: (07/26/2015 12:13:59 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2359 Error: (07/26/2015 12:13:59 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/26/2015 12:13:58 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1109 ==================== Speicherinformationen =========================== Processor: Intel(R) Core(TM) i5-3350P CPU @ 3.10GHz Percentage of memory in use: 66% Total physical RAM: 4046.89 MB Available physical RAM: 1337.21 MB Total Virtual: 9678.89 MB Available Virtual: 5467.48 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:149.66 GB) (Free:26.42 GB) NTFS Drive d: (Data) (Fixed) (Total:763.35 GB) (Free:697.1 GB) NTFS Drive e: (USB DISK) (Removable) (Total:0.94 GB) (Free:0.01 GB) FAT Drive f: (01 Mai 2015) (CDROM) (Total:4.38 GB) (Free:2.48 GB) UDF ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: B8DD0DC0) 
Partition: GPT Partition Type. ======================================================== Disk: 1 (Size: 961 MB) (Disk ID: 6F20736B) No partition Table on disk 1. Disk 1 is a removable device. ==================== Ende von log ============================ Edited by jan29 (25.07.2015 at 18:15) |
26.07.2015, 13:43 | #4 |
| 302 moved the document has moved here and the gmert.txt file Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2015-07-26 10:29:46 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000030 ST1000DM003-9YN162 rev.CC4B 931,51GB Running: Gmer-19357 (2).exe; Driver: C:\Users\jan\AppData\Local\Temp\kxlyqkog.sys ---- Threads - GMER 2.1 ---- Thread C:\WINDOWS\system32\csrss.exe [656:4244] fffff9600083d2d0 Thread C:\WINDOWS\SYSTEM32\ntdll.dll [2136:2140] 0000000000fa1c94 Thread C:\WINDOWS\SYSTEM32\ntdll.dll [2136:2760] 000000007145e767 Thread C:\WINDOWS\SYSTEM32\ntdll.dll [2136:3192] 000000006f373911 Thread C:\WINDOWS\SYSTEM32\ntdll.dll [2136:2412] 000000006f373911 Thread C:\WINDOWS\SYSTEM32\ntdll.dll [2136:1352] 000000006f373911 Thread C:\WINDOWS\SYSTEM32\ntdll.dll [2136:3388] 000000006ff23047 Thread C:\WINDOWS\SYSTEM32\ntdll.dll [2136:3384] 000000006fd81499 Thread C:\WINDOWS\SYSTEM32\ntdll.dll [2136:6576] 00000000721f1900 Thread C:\WINDOWS\Explorer.EXE [4344:5688] 00007ffdd5f9e630 Thread C:\WINDOWS\Explorer.EXE [4344:5320] 00007ffdd5f9e630 Thread C:\WINDOWS\SYSTEM32\ntdll.dll [4548:4552] 0000000000f0c9c3 ---- Processes - GMER 2.1 ---- Library C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll (*** suspicious ***) @ C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe [2108](2014-06-06 10:21:24) 000000006fbc0000 Library C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll (*** suspicious ***) @ C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe [2108](2014-06-06 10:21:24) 000000006e940000 Library C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll (*** suspicious ***) @ C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe [2108](2014-06-06 10:21:24) 000000006a1c0000 Library C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll (*** suspicious ***) @ C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe [2108](2014-06-06 10:21:24) 000000006ff00000 Library C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll (*** suspicious ***) @ C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe 
[2108](2014-06-06 10:21:24) 000000006efc0000 Library C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll (*** suspicious ***) @ C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe [2108](2014-06-06 10:21:24) 000000006ed40000 Process C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe (*** suspicious ***) @ C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5380] (FILE NOT FOUND) 0000000000400000 Library c:\users\jan\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpc78nya.dll (*** suspicious ***) @ C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5380](2015-07-26 07:38:17) 0000000005030000 Library C:\Users\jan\AppData\Roaming\Dropbox\bin\Qt5Core.dll (*** suspicious ***) @ C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5380] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:24) 000000005a850000 Library C:\Users\jan\AppData\Roaming\Dropbox\bin\icuin52.dll (*** suspicious ***) @ C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5380] (ICU I18N DLL/The ICU Project)(2015-03-04 21:45:30) 000000004a900000 Library C:\Users\jan\AppData\Roaming\Dropbox\bin\icuuc52.dll (*** suspicious ***) @ C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5380] (ICU Common DLL/The ICU Project)(2015-03-04 21:45:30) 0000000005b30000 Library C:\Users\jan\AppData\Roaming\Dropbox\bin\icudt52.dll (*** suspicious ***) @ C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5380] (ICU Data DLL/The ICU Project)(2015-03-04 21:45:30) 000000004ad00000 Library C:\Users\jan\AppData\Roaming\Dropbox\bin\Qt5Widgets.dll (*** suspicious ***) @ C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5380] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:28) 000000005a430000 Library C:\Users\jan\AppData\Roaming\Dropbox\bin\Qt5Gui.dll (*** suspicious ***) @ C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5380] (C++ application development framework./Digia Plc 
and/or its subsidiary(-ies))(2015-03-04 21:45:26) 000000005a140000 Library C:\Users\jan\AppData\Roaming\Dropbox\bin\libGLESv2.dll (*** suspicious ***) @ C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5380](2015-03-04 21:45:30) 000000005a010000 Library C:\Users\jan\AppData\Roaming\Dropbox\bin\Qt5Network.dll (*** suspicious ***) @ C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5380] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 0000000058690000 Library C:\Users\jan\AppData\Roaming\Dropbox\bin\Qt5WebKit.dll (*** suspicious ***) @ C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5380] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 0000000057660000 Library C:\Users\jan\AppData\Roaming\Dropbox\bin\Qt5Quick.dll (*** suspicious ***) @ C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5380] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 0000000057440000 Library C:\Users\jan\AppData\Roaming\Dropbox\bin\Qt5Qml.dll (*** suspicious ***) @ C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5380] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 00000000571e0000 Library C:\Users\jan\AppData\Roaming\Dropbox\bin\Qt5Sql.dll (*** suspicious ***) @ C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5380] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 00000000571b0000 Library C:\Users\jan\AppData\Roaming\Dropbox\bin\libEGL.dll (*** suspicious ***) @ C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5380](2015-03-04 21:45:30) 00000000571a0000 Library C:\Users\jan\AppData\Roaming\Dropbox\bin\Qt5WebKitWidgets.dll (*** suspicious ***) @ C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5380] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:28) 
0000000059d00000 Library C:\Users\jan\AppData\Roaming\Dropbox\bin\Qt5OpenGL.dll (*** suspicious ***) @ C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5380] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 0000000059cc0000 Library C:\Users\jan\AppData\Roaming\Dropbox\bin\Qt5PrintSupport.dll (*** suspicious ***) @ C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5380] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26) 0000000059c70000 Library C:\Users\jan\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll (*** suspicious ***) @ C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5380](2015-03-04 21:45:30) 0000000059b30000 Library C:\Users\jan\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll (*** suspicious ***) @ C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5380](2015-03-04 21:45:30) 0000000059800000 Library C:\Users\jan\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll (*** suspicious ***) @ C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5380](2015-03-04 21:45:30) 0000000052920000 Library C:\Users\jan\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll (*** suspicious ***) @ C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5380](2015-03-04 21:45:30) 0000000052860000 Library C:\Users\jan\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll (*** suspicious ***) @ C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe [5380](2015-03-04 21:45:30) 00000000527e0000 ---- Disk sectors - GMER 2.1 ---- Disk \Device\Harddisk0\DR0 unknown MBR code ---- EOF - GMER 2.1 ---- Thanks and regards, Jan |
27.07.2015, 06:50 | #5 |
/// the machine /// TB trainer | 302 moved the document has moved here I don't see anything in the logs. Question: did the 302 come after clicking on the search result, i.e. when you wanted to display it? Then the document/page is still in Google, but it simply no longer exists at that location. Quite simple
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
27.07.2015, 07:29 | #6 |
| 302 moved the document has moved here Morning Schrauber, thanks first of all. Phew... a great relief, since I work from my home office. That means I can enter my passwords as normal on all the sites I work with, right? No, the 302 thing went like this: I typed my search term directly into the browser bar and pressed Enter. I did not select or type in a URL. Then this 30 message appeared. Kind regards, Jan |
27.07.2015, 07:54 | #7 |
/// the machine /// TB trainer | 302 moved the document has moved here erm, why would anyone do that? That can't work at all
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
27.07.2015, 09:20 | #8 |
| 302 moved the document has moved here I always do it that way, and it actually works great. Anyway, so I can keep using my system as normal, right? Thanks and regards, Jan |
28.07.2015, 06:43 | #9 |
/// the machine /// TB trainer | 302 moved the document has moved here yes
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
29.07.2015, 07:23 | #10 |
| 302 moved the document has moved here Great, a donation is on its way, as always. Thanks and regards, Jan PS: I can't find the donation link any more? |
29.07.2015, 14:39 | #11 |
/// the machine /// TB trainer | 302 moved the document has moved here In my signature
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
03.08.2015, 07:16 | #12 |
| 302 moved the document has moved here Hi, your account must be bursting at the seams now that my modest 10 have been added. Regards and thanks again, Jan PS: The donation link is hard to find. It should be placed somewhat more prominently. |
03.08.2015, 16:01 | #13 |
/// the machine /// TB trainer | 302 moved the document has moved here I don't want to be too pushy about it
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |